Database memory management in a high availability database system using limits

ABSTRACT

Receiving a statement including requests for database operations in a secondary database system storing data replicated from a primary database system by replaying transaction output generated by the primary database system; responsive to receiving the statement, requesting an allocation of memory from the secondary database system to support the requested database operations; generating an aggregated statement memory consumption value based on the amount of memory consumed by all statements executing in the secondary database system that are not associated with replaying the transaction logs; determining that the requested allocation of memory in addition to the aggregated statement memory consumption value exceeds a total statement execution memory limit indicating a total amount of memory that may be allocated to all database operations associated with statement execution in a secondary database system, and denying the requested allocation of memory. Related apparatus, systems, techniques and articles are also described.

TECHNICAL FIELD

The subject matter described herein relates to database systems and moreparticularly to database systems employing a primary database and asecondary, hot-standby, database.

BACKGROUND

A database system includes a database and a database management system(DBMS). A database is an organized collection of data. A DBMS comprisescomputer software that executes on one or more processors and interactswith users, other applications, and a database to capture and analyzedata. A DBMS may allow for the definition, creation, querying, update,and administration of databases.

Database systems rely on data replication and synchronization tomaintain continuous system availability. Typically, in such a system, acomplete copy of the database is stored at a first datacenter and thesame complete copy of the database is stored at a second datacenter. Thefirst and second datacenters may be in different locations or they maybe in the same location. Since the data in the second datacenter needsto be the same as the data in the first datacenter, a synchronizationmechanism is typically employed to handle synchronization of the data.If there is a failure associated with the first datacenter, the systemcan switch to using the database at the second datacenter withoutsignificant issues.

Since the second datacenter may be asked to perform all of the sametasks as the first datacenter, typically, the second datacenter has thesame hardware and software requirements as the first datacenter.Sometimes more than two datacenters may be included within a database.

SUMMARY

In a first aspect, a statement is received that includes requests fordatabase operations in a secondary database system where the secondarydatabase system stores data replicated from a primary database system.Primary database system data updates are replicated by replayingtransaction logs containing output generated by the primary databasesystem while executing database operations. Responsive to receiving thestatement, a process requests an allocation of memory from the secondarydatabase system to support the requested database operations.Subsequently, an aggregated statement memory consumption value isgenerated based on the amount of memory consumed by all statementsexecuting in the secondary database system that are not associated withreplaying the transaction logs. A determination is then made that therequested allocation of memory in addition to the aggregated statementmemory consumption value exceeds a total statement execution memorylimit, which indicates a total amount of memory that may be allocated toall database operations associated with statement execution in asecondary database system, and the requested allocation of memory isdenied.

The statement requesting database operations can be received from aclient application of a primary database system that is engaged in aload balancing operation with the secondary database system, andresponsive to denying the requested allocation, the first statement canbe routed to a client application with information indicating that thestatement is to be routed to the primary database system. Sometimelater, the secondary database system can de-allocate memory associatedwith a completed statement, and then receive another statement includingan additional request for database operations in the secondary databasesystem. Then a request for a second allocation of memory can be made ofthe secondary database system, and, a second aggregated statement memoryconsumption value can be generated based on the amount of memoryconsumed by all statements executing at the secondary database systemthat are not associated with replaying the transaction logs. Based on asecond aggregated statement memory consumption value, it can bedetermined that the requested second allocation of memory in addition tothe second aggregated statement memory consumption value does not exceeda total statement execution memory limit value; and an allocation ofmemory can be made to a thread or process for executing requesteddatabase operations. When the allocation is made, a statement memorylimit object can be passed to the executing thread or process. Such alimit object can include a total statement execution memory limit value,and an allocation value indicating the memory allocated to the thread orprocess.

The requested database operations can then be executed, and duringexecution it may be detected that the thread requires an increasedmemory allocation. In such aspects, it can be determined, based on alimit object, that an increased memory allocation will not cause theaggregated statement memory consumption value to exceed the totalstatement execution memory limit value, and the requested increasedmemory allocation can be granted. Responsive to allocating the increasedallocation, the allocation value of the statement memory limit objectcan be updated by generating a new aggregated statement memoryconsumption value accounting for the increased memory allocation andreplacing the aggregated statement memory consumption value with the newaggregated statement memory consumption value.

A plurality of additional threads can be executing and each additionalthread can execute database operations requested by a plurality ofstatements, and each of the additional threads can be allocatedallocating memory including passing each additional thread a pointer toa statement memory limit object. A database replication execution memorylimit value can also be generated to indicate the total amount of memoryallocated to replicating the primary database system in the secondarydatabase system by replaying transaction logs containing outputgenerated by the primary database system. This database replicationexecution memory limit value may be fifty percent of total system memoryat the secondary database system, but this value can also be tailored toneeds of the system.

It can also be detected that the replication of the primary databasesystem based on the transaction logs of the primary database systemrequires additional memory. A new total amount of memory that may beconsumed by database operations associated with statements executing inthe secondary database system can then be generated based on anadditional amount of memory required by replicating the secondarydatabase system. When the new total amount of memory is generated, atotal statement execution memory limit parameter can be updated with anew total amount of memory that may be consumed by database operationsassociated with statements executed in the secondary database system.

The replication of a primary database system based on replayingtransaction logs containing output generated by the primary databasesystem may include receiving database transaction log containing outputgenerated by a primary database system while the primary database systemwas previously executing client application requested databaseoperations. These client application requested database operations maybe in the form of statements. These client requested database operationscan cause the primary system processes to output data in databasetransaction logs, which can then be replayed to replicate databaseoperations in a secondary database system.

Replicating the client requested database operations can causereplication statements to be executed by a secondary database system.These replicated statements may be handled by a plurality of threadshaving that may have associated replication memory allocations. Memoryallocated to statements not associated with replicating a primarydatabase system based on transaction logs can be managed by a limitobject that may exclude memory allocated to replicated statements. Amemory allocation report can be generated to contain an associationbetween each statement executing in a database system and eachrespective memory allocation, and may also contain a generatedaggregated statement memory consumption value.

In an interrelated aspect, a statement requesting database operations issent to a primary database system that is engaged in load balancingoperations with a secondary database system. Subsequently, a response isreceived from a primary database system including informationinstructing that a secondary database system is to attempt to executethe statement, and the statement is sent to the secondary databasesystem. Then, an out of memory condition is received from a secondarydatabase system indicating that the secondary database system hasexhausted its memory allocated to executing statements, the statement issent to the primary database system for execution. A statementrequesting database operations can initially be sent to the primarysystem responsive to a client application of a database of the firstdatabase system. Such a statement, may also be generated responsive to aDBMS application. And, a statement may also be generated to includeassociated routing information to indicate that such a statement may beload balanced. This routing information may further include one or moreconditions that should be satisfied before the statement is routed orload balanced.

In interrelated aspects, a plurality of statements are executed in aprimary database system, causing output from a plurality of databaseoperations associated with the plurality of statements to be generated.The output is sent to a secondary database system for replicationthereby enabling that secondary database system to support loadbalancing operations of the primary database system. A clientapplication statement is then received that requests additional databaseoperations. The client application statement is then routed to thesecondary database system to be executed in support of the loadbalancing operations. Subsequently, an out of memory condition isreceived that indicates that the secondary database system has consumedall memory resources allocated to load balancing operations, then theadditional database operations requested by the client applicationstatement are executed in the primary database system. The secondarydatabase system memory allocated to statement execution can be limitedby a minimum amount of memory allocated to the replication processes.

Non-transitory computer program products (i.e., physically embodiedcomputer program products) are also described that store instructions,which when executed by one or more data processors of one or morecomputing systems, cause at least one data processor to performoperations herein. Similarly, computer systems are also described thatmay include one or more data processors and memory coupled to the one ormore data processors. The memory may temporarily or permanently storeinstructions that cause at least one processor to perform one or more ofthe operations described herein. In addition, methods can be implementedby one or more data processors either within a single computing systemor distributed among two or more computing systems. Such computingsystems can be connected and can exchange data and/or commands or otherinstructions or the like via one or more connections, including but notlimited to a connection over a network (e.g., the Internet, a wirelesswide area network, a local area network, a wide area network, a wirednetwork, or the like), via a direct connection between one or more ofthe multiple computing systems, etc.

The subject matter described herein provides many technical advantages.As an example, the subject matter described herein may provide increasedaverage throughput for a database system during high workloads byenabling effective load balancing techniques for balancing the workloadof a primary system with a backup database system. Protecting the amountof system resources available to replaying transaction logs at thesecondary database or a backup database system may be maintained in anear current state with respect to a primary system that is undercontinuous use by one or more applications or users. Guaranteeing aminimum amount of system memory ensures that the log reply speed at thebackup system can sustain the pace of log generation speed of a primarysystem under write-intensive workloads. By enabling near current andconsistent transactional visibility of transactions that are replicatedfrom a primary database the secondary database is able to assume aportion of the workload of a primary database system while alsoproviding meaning returns in support of that workload. Withoutprotecting system resources allocation to the replication processes,memory allocation to an intensive workload will may degrade thereplication processes thereby causing a substantial delay between anupdate in the primary system and when that update is replicated in thesecondary, or backup, system, and may make the secondary, or backup,database system ineffective in providing support to load balancingoperations. The subject matter described herein allows a computer systemto maintain consistent and useful, near-current, data visibility by asecondary database while data is updated and table structures aremodified while concurrently replicating the of data the primary databasesystem in the secondary database system.

The details of one or more variations of the subject matter describedherein are set forth in the accompanying drawings and the descriptionbelow. Other features and advantages of the subject matter describedherein will be apparent from the description and drawings, and from theclaims.

DESCRIPTION OF DRAWINGS

FIG. 1 is a system diagram illustrating an example database system foruse in connection with the current subject matter;

FIG. 2 is a system diagram illustrating an example database system thatcan support distribution of server components across multiple hosts forscalability and/or availability purposes for use in connection with thecurrent subject matter;

FIG. 3 is a diagram illustrating an architecture for an index server foruse in connection with the current subject matter;

FIG. 4 is a functional flow diagram illustrating an architecture tosupport load balancing between a primary database system and a secondarydatabase system;

FIG. 5 is a functional flow diagram depicting one example solution tomanaging load balancing in a HA/DR system for use in connection with thecurrent subject matter;

FIG. 6 is a diagram illustrating an exemplary report of statement memoryusage in accordance with the current subject matter;

FIG. 7 is a process flow diagram illustrating responding to memoryallocation requests in a database system; and

FIG. 8 is a process flow diagram illustrating requesting databaseoperations from a database system employing memory limitations in a loadbalancing configuration.

FIG. 9 is a process flow diagram illustrating routing of statementsrequesting database operations from a database system employing memorylimitations in a load balancing configuration.

Like reference symbols in the various drawings indicate like elements.

DETAILED DESCRIPTION

The current subject matter is directed to enhanced techniques for memorymanagement when load balancing a workload between two systems, forexample when such load balancing is executed concurrently with replay ofdatabase operations using, for example, a redo log.

A database or database system may be represented as a table or a set oftables, the tables containing data in rows and/or columns. In a rowbased database, data in a table may be stored and organized by rows.Alternatively, data in a table may also be stored and organized bycolumns and such a database is called a column oriented database or acolumnar database. Column oriented databases typically make moreefficient use of storage by replacing redundant data with a pointer. Oneexample of a database system is SAP HANA®. SAP HANA® is a columnoriented relational database system. SAP HANA® is also an in-memorydatabase (IMDB) in which the data associated with the database is storedin main memory instead of disk storage so it may be accessed morequickly. IMDB systems are generally column oriented databases sincecolumn oriented databases make more efficient use of the expensive mainmemory.

Some databases may utilize replication to improve reliability andavailability of the database. If data replication is implemented, thedatabase system may include a first datacenter and a second datacenter.The first datacenter may include a processor and memory sufficient tostore the data associated with the database. The first datacenter maystore a first (primary) copy of the data associated with the database.The second datacenter may also include a processor and memory sufficientto store the data associated with the database. The second datacentermay store a second (e.g., backup or redundant or replica) copy of thedata associated with the database. In some implementations, the databasemay include more than two datacenters (e.g., three or four datacenters).In some implementations, either one or both of the databases is adistributed system or a single server system.

To better utilize the second (and subsequent) datacenter, some databasesystems, such as SAP HANA®, may simultaneously utilize the firstdatacenter and the second datacenter. In this mode of operation, thefirst datacenter may be configured to delegate queries to the seconddatacenter to balance the load between the two systems. Such a situationmay be referred to as Active/Active (AA) operation since the firstdatacenter and the second datacenter both actively respond to queries,or statements, at the same time by executing database operationsresponsive to the queries, or statements, in order to provide aresponse, or return. In some implementations only certain types ofqueries, or statements, may be responded to, or alternatively executed,by the first datacenter or the second datacenter.

In some implementations such balancing may only occur when conditions ofthe first datacenter and the second datacenter are satisfied. The seconddata center may replicate the first database of the first databasecenter in a second database of the second data center, and loadbalancing may only occur when a time delay between the two data centersis sufficiently small, or when a delay in the replication processes atthe second datacenter is sufficiently small. In some implementations,the replication processes may take priority over the ability of one ormore datacenters to support the load balancing operations.

When two or more datacenters or two or more database systems are engagedin load balancing operations, a client application, reliant on adatabase maintained by the first database system and replicated in thesecond database system, may restrict execution of queries to either thefirst database system or the second database system. In such a system,the client application may modify a query, or package a query, withadditional routing information identifying which database may executethe query and under what conditions.

In some embodiments the client may dispatch or issue or transmit itsqueries directly to the database system it wants to obtain a response orreturn from. In other embodiments one or more processes at the clientapplication, the first database system, or the second database systeminform the client application which system will execute the statement orquery. In other embodiments, the client application always issues itsstatements or queries to the first database system. The first databasesystem includes various processes, in a standalone server or in a serverproviding other database services, that support the load balancingoperations by maintaining state data, or having access to such statedata, and making determinations as to whether the statement will beexecuted in the first database system or the second database system. Invarious embodiments, these determinations are made entirely within aclient system. If the load balancing processes determine that thestatement may be executed by the second database system, statement isrouted back to the client application with an indication that thestatement is to be executed in the database of second database system,that may be a backup or replica of the database of the first databasesystem. Then the client issues the query to the second database systemfor execution, and such execution can be contingent upon certainconditions.

The subject matter described herein discloses apparatus, systems,techniques and articles that may provide increased average throughputcapabilities for a database system during high workloads to reduce thelikelihood that a request to the database system for data may be queued,buffered or rejected until sufficient system resources are available tocomplete the request. In some examples, apparatus, systems, techniquesand articles disclosed herein utilize secondary, backup, or replicated,database systems to execute queries to reduce the workload of a primarydatabase system, without interfering with database replicationprocesses, thereby preserving and protecting the availability of thebackup or secondary database.

When a secondary, or backup, database system serves the purpose of HA/DRfunctionality, an apparatus, system, technique or article that utilizesa secondary, backup database system to increase throughput of a workloadon a primary database system must not interfere with the HA/DRfunctionality of the backup system. The use of the backup databasesystem to increase throughput must also maintain the backup database insubstantially the same state as the primary database. In the event ofprimary database system failure, the backup database can assume the roleof the primary database in as little time as possible. Therefore,transactions replicated, or mirrored, to the secondary database must beas close to current as possible. But, under heavy write-intensiveworkloads, replay of transactions executed in the primary by replay oftransaction logs may consume substantial memory resources. Therefore, itis desirable to limit the memory available to load balancing operationsat the secondary, replicated, or backup, database system. It is alsodesirable to allocate a minimum amount of memory resources to thedatabase replication processes. Also, in order enable functional loadbalancing, statements routed to the backup database system thatencounter an out of memory condition, due to the limitation on memoryavailable to load balancing operations, should be routed back to theclient or the primary database system with an indication that thestatement was not executed due to the out of memory condition.

FIG. 1 is a diagram 100 illustrating a database system 105 that can beused to implement aspects of the current subject matter. The databasesystem 105 can, for example, include an in-memory database in which allrelevant data is kept in main memory so that read operations can beexecuted without disk I/O and in which disk storage is required to makeany changes durables. The database system 105 can include a plurality ofservers including, for example, one or more of an index server 110, aname server 115, and/or an application server 120. The database system105 can also include one or more of an extended store server 125, adatabase deployment infrastructure (DDI) server 130, a data provisioningserver 135, and/or a streaming cluster 140. The database system 105 canbe accessed by a plurality of remote clients 145, 150 via differentprotocols such as SQL/MDX (by way of the index server 110) and/orweb-based protocols such as HTTP (by way of the application server 120).

The index server 110 can contain in-memory data stores and engines forprocessing data. The index server 110 can also be accessed by remotetools (via, for example, SQL queries), that can provide variousdevelopment environment and administration tools. Additional detailsregarding an example implementation of the index server 110 is describedand illustrated in connection with diagram 300 of FIG. 3.

The name server 115 can own information about the topology of thedatabase system 105. In a distributed database system, the name server115 can know where various components are running and which data islocated on which server. In a database system 105 with multiple databasecontainers, the name server 115 can have information about existingdatabase containers and it can also hosts the system database. Forexample, the name server 115 can manage the information about existingtenant databases. Unlike a name server 115 in a single-container system,the name server 115 in a database system 105 having multiple databasecontainers does not store topology information such as the location oftables in a distributed database. In a multi-container database system105 such database-level topology information can be stored as part ofthe catalogs of the tenant databases.

The application server 120 can enable native web applications used byone or more remote clients 150 accessing the database system 105 via aweb protocol such as HTTP. The application server 120 can allowdevelopers to write and run various database applications without theneed to run an additional application server. The application server 120can also used to run web-based tools 155 for administration, life-cyclemanagement and development. Other administration and development tools160 can directly access the index server 110 for, example, via SQL andother protocols.

The extended store server 125 can be part of a dynamic tiering optionthat can include a high-performance disk-based column store for very bigdata up to the petabyte range and beyond. Less frequently accessed data(for which is it non-optimal to maintain in main memory of the indexserver 110) can be put into the extended store server 125. The dynamictiering of the extended store server 125 allows for hosting of verylarge databases with a reduced cost of ownership as compared toconventional arrangements.

The DDI server 130 can be a separate server process that is part of adatabase deployment infrastructure (DDI). The DDI can be a layer of thedatabase system 105 that simplifies the deployment of database objectsusing declarative design time artifacts. DDI can ensure a consistentdeployment, for example by guaranteeing that multiple objects aredeployed in the right sequence based on dependencies, and byimplementing a transactional all-or-nothing deployment.

The data provisioning server 135 can provide enterprise informationmanagement and enable capabilities such as data provisioning in realtime and batch mode, real-time data transformations, data qualityfunctions, adapters for various types of remote sources, and an adapterSDK for developing additional adapters.

The streaming cluster 140 allows for various types of data streams(i.e., data feeds, etc.) to be utilized by the database system 105. Thestreaming cluster 140 allows for both consumption of data streams andfor complex event processing.

FIG. 2 is a diagram 200 illustrating a variation of the database system105 that can support distribution of server components across multiplehosts for scalability and/or availability purposes. This database system105 can, for example, be identified by a single system ID (SID) and itis perceived as one unit from the perspective of an administrator, whocan install, update, start up, shut down, or backup the system as awhole. The different components of the database system 105 can share thesame metadata, and requests from client applications 230 can betransparently dispatched to different servers 110 ₁₋₃, 120 ₁₋₃, in thesystem, if required.

As is illustrated in FIG. 2, the distributed database system 105 can beinstalled on more than one host 210 ₁₋₃. Each host 210 ₁₋₃ is a machinethat can comprise at least one data processor (e.g., a CPU, etc.),memory, storage, a network interface, and an operation system and whichexecutes part of the database system 105. Each host 210 ₁₋₃ can executea database instance 220 ₁₋₃ which comprises the set of components of thedistributed database system 105 that are installed on one host 210 ₁₋₃.FIG. 2 shows a distributed system with three hosts, which each run aname server 110 ₁₋₃, index server 120 ₁₋₃, and so on (other componentsare omitted to simplify the illustration).

FIG. 3 is a diagram 300 illustrating an architecture for the indexserver 110 (which can, as indicated above, be one of many instances). Aconnection and session management component 302 can create and managesessions and connections for the client applications 150. For eachsession, a set of parameters can be maintained such as, for example,auto commit settings or the current transaction isolation level.

Requests from the client applications 150 can be processed and executedby way of a request processing and execution control component 310. Thedatabase system 105 offers rich programming capabilities for runningapplication-specific calculations inside the database system. Inaddition to SQL, MDX, and WIPE, the database system 105 can providedifferent programming languages for different use cases. SQLScript canbe used to write database procedures and user defined functions that canbe used in SQL statements. The L language is an imperative language,which can be used to implement operator logic that can be called bySQLScript procedures and for writing user-defined functions.

Once a session is established, client applications 150 typically use SQLstatements to communicate with the index server 110 which can be handledby a SQL processor 312 within the request processing and executioncontrol component 310. Analytical applications can use themultidimensional query language MDX (MultiDimensional eXpressions) viaan MDX processor 322. For graph data, applications can use GEM (GraphQuery and Manipulation) via a GEM processor 316, a graph query andmanipulation language. SQL statements and MDX queries can be sent overthe same connection with the client application 150 using the samenetwork communication protocol. GEM statements can be sent using abuilt-in SQL system procedure.

The index server 110 can include an authentication component 304 thatcan be invoked with a new connection with a client application 150 isestablished. Users can be authenticated either by the database system105 itself (login with user and password) or authentication can bedelegated to an external authentication provider. An authorizationmanager 306 can be invoked by other components of the database system150 to check whether the user has the required privileges to execute therequested operations.

Each statement can be processed in the context of a transaction. Newsessions can be implicitly assigned to a new transaction. The indexserver 110 can include a transaction manager 344 that coordinatestransactions, controls transactional isolation, and keeps track ofrunning and closed transactions. When a transaction is committed orrolled back, the transaction manager 344 can inform the involved enginesabout this event so they can execute necessary actions. The transactionmanager 344 can provide various types of concurrency control and it cancooperate with a persistence layer 346 to achieve atomic and durabletransactions.

Incoming SQL requests from the client applications 150 can be e receivedby the SQL processor 312. Data manipulation statements can be executedby the SQL processor 312 itself. Other types of requests can bedelegated to the respective components. Data definition statements canbe dispatched to a metadata manager 306, transaction control statementscan be forwarded to the transaction manager 344, planning commands canbe routed to a planning engine 318, and task related commands canforwarded to a task manager 324 (which can be part of a larger taskframework) Incoming MDX requests can be delegated to the MDX processor322. Procedure calls can be forwarded to the procedure processor 314,which further dispatches the calls, for example to a calculation engine326, the GEM processor 316, a repository 300, or a DDI proxy 328.

The index server 110 can also include a planning engine 318 that allowsplanning applications, for instance for financial planning, to executebasic planning operations in the database layer. One such basicoperation is to create a new version of a data set as a copy of anexisting one while applying filters and transformations. For example,planning data for a new year can be created as a copy of the data fromthe previous year. Another example for a planning operation is thedisaggregation operation that distributes target values from higher tolower aggregation levels based on a distribution function.

The SQL processor 312 can include an enterprise performance management(EPM) runtime component 320 that can form part of a larger platformproviding an infrastructure for developing and running enterpriseperformance management applications on the database system 105. Whilethe planning engine 318 can provide basic planning operations, the EPMplatform provides a foundation for complete planning applications, basedon by application-specific planning models managed in the databasesystem 105.

The calculation engine 326 can provide a common infrastructure thatimplements various features such as SQLScript, MDX, GEM, tasks, andplanning operations. The SQLScript processor 312, the MDX processor 322,the planning engine 318, the task manager 324, and the GEM processor 316can translate the different programming languages, query languages, andmodels into a common representation that is optimized and executed bythe calculation engine 326. The calculation engine 326 can implementthose features using temporary results 340 which can be based, in part,on data within the relational stores 332.

Metadata can be accessed via the metadata manager component 308.Metadata, in this context, can comprise a variety of objects, such asdefinitions of relational tables, columns, views, indexes andprocedures. Metadata of all these types can be stored in one commondatabase catalog for all stores. The database catalog can be stored intables in a row store 336 forming part of a group of relational stores332. Other aspects of the database system 105 including, for example,support and multi-version concurrency control can also be used formetadata management. In distributed systems, central metadata is sharedacross servers and the metadata manager 308 can coordinate or otherwisemanage such sharing.

The relational stores 332 form the different data management componentsof the index server 110 and these relational stores can, for example,store data in main memory. The row store 336, a column store 338, and afederation component 334 are all relational data stores which canprovide access to data organized in relational tables. The column store338 can stores relational tables column-wise (i.e., in a column-orientedfashion, etc.). The column store 338 can also comprise text search andanalysis capabilities, support for spatial data, and operators andstorage for graph-structured data. With regard to graph-structured data,from an application viewpoint, the column store 338 could be viewed as anon-relational and schema-flexible in-memory data store forgraph-structured data. However, technically such a graph store is not aseparate physical data store. Instead it is built using the column store338, which can have a dedicated graph API.

The row store 336 can stores relational tables row-wise. When a table iscreated, the creator can specify whether it should be row orcolumn-based. Tables can be migrated between the two storage formats.While certain SQL extensions are only available for one kind of table(such as the “merge” command for column tables), standard SQL can beused on all tables. The index server 110 also provides functionality tocombine both kinds of tables in one statement (join, sub query, union).

The federation component 334 can be viewed as a virtual relational datastore. The federation component 334 can provide access to remote data inexternal data source system(s) 354 through virtual tables, which can beused in SQL queries in a fashion similar to normal tables.

The database system 105 can include an integration of a non-relationaldata store 342 into the index server 110. For example, thenon-relational data store 342 can have data represented as networks ofC++ objects, which can be persisted to disk. The non-relational datastore 342 can be used, for example, for optimization and planning tasksthat operate on large networks of data objects, for example in supplychain management. Unlike the row store 336 and the column store 338, thenon-relational data store 342 does not use relational tables; rather,objects can be directly stored in containers provided by the persistencelayer 346. Fixed size entry containers can be used to store objects ofone class. Persisted objects can be loaded via their persisted objectIDs, which can also be used to persist references between objects. Inaddition, access via in-memory indexes is supported. In that case, theobjects need to contain search keys. The in-memory search index iscreated on first access. The non-relational data store 342 can beintegrated with the transaction manager 344 to extends transactionmanagement with sub-transactions, and to also provide a differentlocking protocol and implementation of multi version concurrencycontrol.

An extended store is another relational store that can be used orotherwise form part of the database system 105. The extended store can,for example, be a disk-based column store optimized for managing verybig tables, which ones do not want to keep in memory (as with therelational stores 332). The extended store can run in an extended storeserver 125 separate from the index server 110. The index server 110 canuse the federation component 334 to send SQL statements to the extendedstore server 125.

The persistence layer 346 is responsible for durability and atomicity oftransactions. The persistence layer 346 can ensure that the databasesystem 105 is restored to the most recent committed state after arestart and that transactions are either completely executed orcompletely undone. To achieve this goal in an efficient way, thepersistence layer 346 can use a combination of write-ahead logs, shadowpaging and savepoints. The persistence layer 346 can provide interfacesfor writing and reading persisted data and it can also contain a loggercomponent that manages a transaction log. Transaction log entries can bewritten in the persistence layer 352 (e.g., in transaction log volumes352) explicitly by using a log interface or implicitly when using thevirtual file abstraction. The transaction log volume 352 can includeredo logs which specify database operations to be replayed as well asundo logs which specify database operations to be undone.

The persistence layer 236 stores data in persistent disk storage 348which, in turn, can include data volumes 350 and/or transaction logvolumes 352 that can be organized in pages. Different page sizes can besupported, for example, between 4 k and 16M. Data can be loaded from thedisk storage 348 and stored to disk page wise. For read and writeaccess, pages can be loaded into a page buffer in memory. The pagebuffer need not have a minimum or maximum size, rather, all free memorynot used for other things can be used for the page buffer. If the memoryis needed elsewhere, least recently used pages can be removed from thecache. If a modified page is chosen to be removed, the page first needsto be persisted to disk storage 348. While the pages and the page bufferare managed by the persistence layer 346, the in-memory stores (i.e.,the relational stores 332) can access data within loaded pages.

In many applications, data systems may be required to support operationson a 24/7 schedule, and data system providers may be required toguarantee a maximum amount of downtime, that is time during which asystem is not able to fully support ongoing operations. When a system isrequired to ensure an agreed level of operational performance, it may bereferred to as a high availability system (“HA”). One solution toguarantee substantially continuous uptime with no, or very little,downtime is to maintain one or more hot-standby systems. A hot-standbysystem, or a backup system, is a system that may be activated quickly inthe event of a disruption causing one or more functions of a primaryoperational data system to fail. Such a disruption may be referred to asa disaster, and the process of restoring a data system to fulloperations may be referred to as disaster-recovery (“DR”).

A hot-standby system may be an exact replica of a primary operationalsystem that is capable of providing all the functions provided by theprimary operational system, or a hot-standby may be a system that iscapable of providing a minimum amount of essential functionality duringthe time required to restore the primary operational data system. Thetime it takes after a disaster to restore full, or minimum,functionality of a data system, for example by bringing a hot-standbyonline, is referred to as recovery time. In an effort to minimizerecovery time, and thereby downtime, a hot-standby system is typicallyin a state just short of fully operational. For example, a systemarchitecture may be implemented in which all functional systems of thehot-standby are active and operational, and all system and data changesor updates occur in the primary operational system and the hot-standbyat the exact same time. In such a case the only difference in the twosystems may be that the primary is configured to respond to userrequests and the secondary is not. In other hot-standby systems one ormore functions may be disabled until mission critical systems of thehot-standby are observed to be operating normally, at which time theremaining functions may be brought online.

In many applications, data systems may be required to provide promptresponses to users and applications that rely on the data managed by thedata system. Providers and designers of data systems may be required toguarantee a minimum average throughput over time, or an average maximumresponse time. The speed with which a data system responds to a requestfrom a user or an application may be dependent on many factors, but allsystems are limited in the number of requests they can handle in a givenperiod of time. When a data system manages a relatively large amount ofdata, and supports a relatively large number of users or applications,during high workloads a request may be queued, buffered or rejecteduntil sufficient system resources are available to complete the request.When this happens, average throughput goes down and average responsetime goes up. One solution to such a problem is to distribute theworkload across multiple processing systems. This is known as loadbalancing.

One drawback to load balancing and HA systems is that they may requireadditional processing systems, which in turn have a high cost. It isoften the case with certain data systems supporting critical functionsof an organization that additional systems are needed to perform bothload balancing and HA functionality to efficiently support continuousoperations. Given the redundant nature of DR systems, they are oftenleft undisturbed unless a disaster occurs. Thus, in some circumstances,it is desirable to implement and maintain a combination highavailability/disaster recovery (HA/DR) system with load balancing thatincludes both a primary operational system and a hot-standby system, andpotentially one or more tertiary systems. Such a combination systemallows for load balancing of workload between the processing systems ofboth the primary operational system and the hot-standby system, withoutdisrupting the ability of the HA/DR system to assume primaryfunctionality in the event of a disaster.

FIG. 4 is a functional flow diagram illustrating an architecture 400 tosupport load balancing between a primary database system, or primarysystem 405 a and a secondary database system, or secondary system 405 b,which serves as hot-standby to primary system 405 a. Each of the primarysystem 405 a and the secondary system 405 b may be a single instancesystem, similar to database system 105 depicted in FIG. 1, or each maybe a distributed variation of database system 105 as depicted in FIG. 2.Such an architecture 400 may be useful in a high availability datasystem, or in a disaster recovery system, or in a combination HA/DRsystem.

Each of the primary system 405 a and secondary system 405 b may includea load balancing functionality. Such load balancing functionality mayfor example be contained within a distinct load balancing server 470 aor 470 b. But, such load balancing functionality may be managed by anysuitable processing system. For example, the application server 120 ofthe primary system may also manage the load balancing of requests issuedto the application server of the primary system 405 a, sending requeststo the secondary system 405 b as necessary to maintain a welldistributed workload. The various load balancing processes operating inserver 470 a or 470 b may be components of a larger DBMS system formanaging the primary system 405 a and secondary system 405 b.

As depicted in FIG. 4, each of the primary system 405 a and thesecondary system 405 b includes a load balancing server 470 a and 470 bwhich respectively receive requests from user applications directed tothe primary system 405 a or the secondary system 405 b. Such request maycome from either admin tools 460 or web-based tools 450, or any otheruser application. Upon receiving a request a load balancing server, e.g.470 a, determines how to distribute the workload. As depicted loadbalancing server 470 a routes an SQL request 465 from admin tools 460 tothe index server 110 of the primary system 405 a, while routing an HTTPrequest 455 from web-based tools 450 to the application server 120 ofthe secondary system 405 b.

Load balancing of resources between a primary system 405 a and asecondary system 405 b can give rise to a number of complicating issues.For example, if either of the requests 455, 465 requires writing to oneor more data tables, or modifying a data table, then the two systems 405a, 405 b will diverge. After many instances of write requests beingdistributed between the primary system 405 a and the secondary system405 b, the two systems would be substantially different, and likelyunusable. In another example, an application request, e.g. 465, mayperform a write transaction that is followed by a read transaction, e.g.455, related to the data written by the write request 465. If the writerequest is allocated to the primary system 405 a, the read request wouldobtain a different result depending on whether the subsequent readtransaction is carried out by the primary system 405 a or by thesecondary system 405 b.

Load balancing in a HA/DR system, by distributing a portion of theworkload of a primary data system to a hot-standby or backup system mustbe done in a way that does not disturb the principal purpose of thebackup system, which is to substantially eliminate downtime in a highavailability system by enabling quick and efficient recovery ofoperations. In other words, as a rule load balancing cannot break thehot-standby. Given this principal purpose, any solution that enablesload balancing of workload between a primary system and a backup systemmust maintain the backup system in an identical, or nearly identical,state as the primary system. Such a solution should also avoid orprohibit any actions which may cause the state of the backup system tosubstantially diverge from the state of the primary system. In this way,in the event of a partial or total failure of the primary system due todisaster, the backup system can failover to a primary system mode withminimal or no impact to client applications.

FIG. 5 depicts one possible solution to managing load balancing in aHA/DR system 500. HA/DR system 500 includes a primary system 505 and asecondary system 510 and is capable of load balancing between primarysystem 505 and secondary system 510 without interfering with thehot-standby functionality of the secondary system 510. Each of primarysystem 505 and secondary system 510 may be single instance databasesystems similar to database system 105 depicted in FIG. 1, or adistributed variation of database system 105 as depicted in FIG. 2.Furthermore, each of primary system 505 and secondary system 510 maycomprise less, more or all the functionality ascribed to index server110, 300, name server 115, application server 120, extended store server125, DDI server 130, data provisioning server 135, and stream cluster140. But, for simplicity of illustration HA/DR system 500 has beensimplified to highlight certain functionality by merely distinguishingbetween processing control 555, 560 and a persistence layer 565, 570 ofeach respective system 505, 510. These various components may comprise aDBMS system for controlling the HA/DR system 500 and constitute variousprocesses and components executing within processing control 555, 560and the persistence layer 565, 570. The DBMS system therefore interactsand maintains with the database held in main memory 535, 540 andpersisted in the persistence layer 565, 570.

A collection of clients may each maintain an open connection to both theprimary system 505 and the secondary system 525. Clients 515 mayinteract with a database managed by the primary system 505 or thesecondary system 510. Such clients may interact through clientapplications or through components of the DBMS system executing at theclient 515. In other cases, the clients may rely on a client applicationlibrary containing various processes and techniques for interacting withthe database systems. For example, a client 515 maintains a read/writeconnection for issuing read and write statements 520 to the primarysystem 505 and a read only connection for issuing read statements 525 tothe secondary system 510. Alternatively, client 515 may maintain aread/write connection with each of the primary system 505 and thesecondary system 510, while processes within the secondary system 510itself prohibit execution of any requests that require a writetransaction upon the secondary system while it is in backup mode. Inembodiments read/write statements 520 are issued to the primary databasesystem 505, while only read statements 525 are issued to the backup, orsecondary, database system 510.

In embodiments load balancing of the workload required by a clientapplication executing at client 515 is managed by the client 515application itself. In such cases, client applications may includeportions of the functionality of workload balancing servers 470 a or 470b. Alternatively, a client 515 application may submit a query request toeither the primary system 505 or the secondary system 510. Processcontrol 555, 560 load balancing processes executing on processor 545,550 then may determine where the query should be executed and replies tothe client 515 with instructions identifying which system the client 515should issue the query to. This determination may consider resourcesavailable for statement execution in each database system 505, 510,among other conditions.

Primary system 505 may include an in-memory database in whichsubstantially all actively used data may be kept and maintained in mainmemory 535 so that operations can be executed without disk I/O, whichrequires accessing disk storage. As statements are execute the in-memorydatabase is updated by various database operations caused by thestatement. These database operations then generate transaction logswhich are shipped to the secondary system 510 for replication 530 in thesecondary database system 510. Each of the processes for managing thisworkload consume memory 535 resources by requesting memory allocationfrom a memory allocator, which may be a process within process control555. In embodiments, active applications and processes within processingcontrol 555 cause processor 545 to read and write data into main memory535 or to disk in the persistence layer 565. Processing control 555applications can also cause processor 545 to generate transaction logs(e.g., redo log, undo log, cleanup log, commit logs, savepoint logs,heartbeat logs, etc.) for capturing data transactions upon the database,which processor 545 then persists in the log volumes 585. Assubstantially all actively used data may reside in-memory, processingcontrol 555 may interact primarily with data held in main memory whileonly resorting to data volumes 575 for retrieving and writing less oftenused data. Additional processes within processing control 555 may beexecuted by processor 545 to ensure that in-memory data is persisted inpersistence layer 565, so that the data is available upon restart orrecovery. Similar processes are ongoing in the associated secondarydatabase 510.

Primary system 505 may be the primary operational system for providingthe various functionality necessary to support 24/7 operations for anorganization. Secondary system 510 may be a hot-standby, ready to comeonline with minimal recovery time so as to minimize downtime. Secondarysystem 510 may be an identical physical system as primary system 505,and may be configured in a substantially identical manner in order toenable the secondary system 510 to provide all the same functionality asprimary system 505. For example, processing control 560 may include allthe same applications and functionality as processing control 555, andpersistence layer 570 may include data volumes 580 and log volumes 590that are configured in an identical manner as data volumes 575 and logvolumes 585 respectively. Secondary system 510 may also include anin-memory database kept and maintained primarily in main memory 540.

Primary system 505 and secondary system 510 differ in that all requests,from client 515 or otherwise, that require a write transaction areexecuted only in primary system 505. Primary system 505 and secondarysystem 510 further differ in that all write transactions are prohibitedby the secondary system 510. In order to propagate changes to the dataor the underlying schema from the primary system 505 to the secondarysystem 510, processor 545 also replicates, 530 transaction logs directlyto the process control 560 of the secondary system 510. Process control560 includes processes that cause processor 550 to then replay thetransaction logs replicated from the primary system 505, therebyreplicating or mirroring the transactions or data at the secondarysystem 510. As transaction logs are replayed, the various transactionsexecuted at the primary system become reflected in the secondary system510. In order to ensure both the HA functionality and the load balancingfunctionality, replay of the transaction logs at the secondary systemplaces data in main memory 540, and also persists any data committed inthe primary system to persistence layer 570 to be stored by data volumes580. Replay of the transaction logs at the secondary system 510 may alsoresults in transaction logs being persisted in log volumes 590.

Transaction logs (e.g., redo logs, undo logs, cleanup logs, commit logs,savepoint logs, heartbeat logs, etc.) may be replicated 530 in differentways. In embodiments, a standby system is maintained in nearly the samestate as the primary system, and logs may be replicated synchronouslymeaning that the primary system will not commit a transaction until thesecondary successfully responds to the log replication. Such anarrangement slows performance of the primary system 505, 405 a.Conversely, where performance of a primary system is a priority, logsmay be replicated asynchronously, in which case the primary operationproceeds with committing transactions without waiting for a response.Various tradeoffs can be made between these two scenarios to achieve aproper level of performance while ensuring replication of critical data.

A secondary system in standby mode, such as secondary system 510, canonly be as current as its most recently replayed transaction logs.Transaction logs are replicated and replayed at the secondary system 510only after a transaction executes in the primary system 505. Secondarysystem 510, therefore, is always slightly behind an associated primarysystem 515. Also, there is no guarantee that a query routed to theprimary system in a load balancing effort will be executed before,during or after a particular transaction log is replayed. Thus, thestate of the primary system 505 and the state of the secondary systemwill rarely if ever be identical. But, by addressing certain concerns,secondary system 510 may be kept in a state substantially close to thesame state as the primary system 505 such that the workload required bymany operations can be supported by the secondary 510.

As discussed above, when a secondary, or backup, database system 405 b,510 serves the purpose of HA/DR functionality, and a load balancingoperation simultaneously utilizes the secondary, backup, database system405 b, 510 to increase throughput of a workload on a primary databasesystem, the load balancing operations must not interfere with the HA/DRfunctionality of the backup system. The use of the backup databasesystem 405 b, 510 by load balancing operations to increase throughputmust maintain the backup database in nearly the same state as theprimary database. In the event of primary database system 405 b, 510failure, the backup database 405 b, 510 must be able to assume the roleof the primary database in as little time as possible. Therefore,transaction replication or mirroring in the secondary database must beundisturbed as a result of assuming a portion of a load balancedworkload.

In embodiments, to protect database replication processes in a HA/DRsystem 500, a minimum amount of system resources, for example processingcontrol 560 resources such as processor 550 resources and main memory540 resources, are guaranteed to the database replication processes. Asdiscussed above, one way of performing database replication is throughtransaction log replication 530 in the HA/DR system 510. In embodimentsprocessor 550 may be one or more multi-core processors. And, transactionlog replication 530 is performed in parallel by multiple threadsexecuting concurrently in multiple cores of multiple processors 550.This parallel processing of processes occurs in a system with a totalamount of shared memory resources 540. This use of parallel processes toperform database replication may require a substantial amount of memoryresources depending on the number of parallel threads and the amount ofmemory consumed by each thread during intensive workloads. Inembodiments each replication tread may be allocated to a distinct corewithin processor 550, while statement execution processes are handled bythreads or processes executing in separate and distinct cores ofprocessor 550.

In embodiments, a backup system 510 that is supporting load balancingoperations of a related primary database 505 will also allocate portionsof memory to individual statements as they are received. Thus, thedatabase replication processes compete directly with the statementexecution processes for memory resources, e.g. 540. Where the in-memorydatabase is also resident in the same memory 540 relied upon by thestatement related processes, the in-memory database will also consumememory resources 540. In other embodiments, the database is residentwithin one or more logically or physically separate and distinct serversfrom the application and other DBMS servers, and so need not competedirectly for processor 550 and main memory 540 resources with otherprocesses in processor control 560. In such cases, the replicationprocesses and statement execution processes may continue to compete forresources.

As a statement executes, for example by a processor 550 according to oneor more processes within process control 560, the threads handling thatexecution may require additional memory resources from main memory 540,and so may make a request for additional memory allocations to handlethe statement. The database system will allocate memory according to oneor more memory allocation policies or algorithms, which may be stored ina persistent state in persistence layer 570 and executed by processcontrol 560. These memory allocation policies or algorithms may be partof a DBMS operating through processes in processor control 560. Asstatements execute in the backup database, for example read statements525, and portions of memory 540 are allocated to support the executionof those statements in processor 550, the memory allocations diminishthe amount of memory 540 that remains available to additional receivedstatements, other executing statements, and other executing processeswithin process control 560. Memory allocated to statement handlingthreads reduces the amount of memory 540 available to databasereplication threads, for example threads replaying transaction logs 530received from the primary database system 505.

In embodiments, a limit to the amount of memory allocated to statements,e.g. read/write statements 520 or read statements 525 executing within adatabase system 505 or 510 is implemented. The allocation of memory maybe allocated by a memory allocation process. When a statement isreceived, for example a read statement via read connection 525 fromclient 515, processes within process control 555, 560 executing onprocessor 545, 550 request an allocation of memory in main memory 535,540 to support the execution of the various database operationsimplicated by the statement. This limit to the amount of memory thatwill be allocated to statement execution protects other processes withinthe system. For example, in the secondary database system, the limitsprotect the database replication processes by ensuring that a minimumamount of memory is available to the database replication processes,thereby assuring that statement execution will not interfere with thedatabase replication processes or by extension the HA/DR functionalityof the secondary database system 510.

The memory allocator, generally, may allocate memory to all the processcontrol processes executing in processor 550. In embodiments both theprimary database system 505 and the secondary database system 510 dependon a memory allocator process to manage the memory allocations ofprocesses within processing control 545, 550 or the persistence layer565, 570. The memory allocation process may interact directly with thephysical layer of the computer processing system, or it may interactwith components of an abstraction layer between the database systemcomponents and the physical layer. The abstraction layer for example maycomprise a computer operating system within which the DBMS and databaseexecute, and which exposes memory allocation functions rendering themavailable to the database system 505, 510 processor control 555, 560. Inother embodiments the memory allocators are distinct processes withinthe abstraction layer with which the DBMS interacts when executingvarious statements or component processes.

When a request is made, the memory allocator may apply different memoryallocation policies to different requests in order to determine whetheror not to grant the requested allocation of memory. For example, thememory allocator may respond to a memory allocation request from athread or process handling statement execution, and the various databasesystem operations implicated by the statement, according to a firstpolicy. Similarly, the memory allocator responds to a request from thein-memory database, or the database replication processes, according toa different policy.

In embodiments, a policy for allocating memory to database replicationprocesses, for example threads executing in parallel within processor550 to replay transaction logs from the primary database system 505, mayrequire that a percentage of main memory 540 be reserved for databasereplication processes. Another policy may reserve another percentage ofmemory resources 540 to the in-memory database, and yet another policymay reserve a percentage of memory for statement execution. Each ofthese policies may independently rely on additional factors fordetermining whether an allocation will be granted. For example, a policymay cause the memory allocator to deny a request for allocation ofmemory to statement execution when the database replication processeshave consumed a threshold amount of memory, while granting the samerequest when the database replication processes have not consumed athreshold amount of memory.

In embodiments these policies may by default cause the memory allocatorto reserve fixed portions of memory during database starting up, and theallocation remain fixed during execution. When a statement executionprocess requests memory, the allocator process may determine whether theportion of memory reserved for statement execution has sufficientavailable memory, and if so a block of memory will be allocate to thestatement and reserved for executing the statement within the reservedportion. Upon allocation by the allocator, a pointer to the block is bepassed to the process managing execution of the statement. The block ofmemory may be a range of memory or multiple non-continuous ranges. Whenexecution of a statement requires additional memory, a subsequentrequest to the allocator may be made. In response additional memory maybe allocated or denied based on the availability of memory within thestatement execution block.

In other embodiments, a policy for allocating memory to variousprocesses may be dynamic, and cause memory allocators to allocate memoryupon request depending on which process makes the request and relevantworkload conditions. For example, a policy may cause a memory allocatorto evaluate how much total unallocated memory remains available, andgrant or deny the requested allocation based on the priority of therequesting process. When the total available unallocated memory fallsbelow a threshold, the memory allocator may deny a requested allocationof memory to statement execution related processes, and yet grant arequest for a similar amount of memory to database replication processeshaving a higher priority under the policy than statement executionprocesses.

In yet other embodiments, memory allocation may rely on memoryallocation limit objects to allocate memory in a dynamic fashion. Thepurpose of the limit object is to limit the peak memory size allocatedby all threads limited by the particular limit object. Thus, a policymay allocate memory to a statement execution process relying on astatement execution limit object, and the policy may allocate memory toa database replication process relying on a replication limit object.The memory allocators may refer to the requesting process in determinewhich policy to apply, or the requesting process may identify whichlimit object is associated with the process under the policy. In otherwords, the allocator may access the policy during runtime or the policymay be effected within the various DBMS components themselves, or thepolicy may include a combination of approaches. The policy may alsoallow for special conditions, such as race conditions, when one or morepolicy limits may be relaxed or temporarily ignored.

An exemplary limit object in a multicore processor environment, such asprocessor 550, has two values: a specified limit L and a delta value D.The exemplary limit object also has a set of slot objects, one for eachlogical core. Each slot object includes a temporary limit value T andmemory used value U. The slot data may alternatively be striped vialogical cores for performance reasons. When a statement is received by asecondary database the memory allocator may pass the statement handlingprocess, e.g. within process control 550, a pointer to the statementlimit object. The value L is set and indicates the limit on peak memoryallocated to all statements executing within the secondary databasesystem 510. And, all statements executing within the secondary databaseare limited by L by virtue of being limited by the same statement limitobject. Initially U and T are unsigned integers initialized with zero(0).

When a request for allocation is made to a memory allocator relying onlimit objects, the allocators check to see if a limit object exists forthe requesting process. In embodiments the limit objects may bemaintained in thread local storage and the memory allocator checks tosee if a corresponding limit object is set in thread local storage. If acorresponding limit object does not exist, the allocator may deny therequest or grant the request depending on the policy.

If a corresponding limit object does exist, the allocator will evaluatethe appropriate slot of the limit object corresponding to the logicalcore(s) in which the process or thread is executing to obtain U and T.For example, if an allocation request is for s bytes, the allocator willperform a check to determine if U+s≤T, and if the check is successfulthe allocator will increment U by s. If U+s≤T fails, then the algorithmsums up all the values U in all the slots of the limit object to obtainS, the total used size of processes in each logical core limited by thelimit object. Thus, for j slots, ΣU_(j)=S. The allocator then performs asecond check to determine if S+s+D≤L. If this check succeeds, then thetemporary slot limit T is incremented by s+D, and U is incremented by s,the requested allocation. If this second check S+s+D≤L fails, theallocation fails and the limit object remains unchanged. In this way,memory allocation is managed dynamically as needed on a per statementbasis yet confined to the limit object limit L. Memory allocationpolicies may rely on either S, or a sum of all T_(j), i.e. ΣT_(j), orboth when determining whether a request for allocation will succeed.

When statement execution is complete, the statement handling process mayinitiate a deallocation process by informing the memory allocator thatthe memory is no longer needed. For example, the processes may pass thepointer back to the allocator causing the memory to deallocate. Inembodiments the pointer is passed to a free function which deallocatesthe memory making it available to the memory allocators. In otherembodiments the allocation is automatically freed when a process ends.In embodiments relying on limit objects deallocation may require arequest to the memory allocator, which may deallocate memory in analgorithmic fashion. For example, if the limit object is similar to thelimit object discussed above, the memory allocator may check if U−s>T−D,and if the check succeeds, U is decremented by s, the freed memory size.If this deallocation check fails, the allocator sets T=U−s+D.

In embodiments, a client 515 issues a statement, e.g. a read statement525, to the secondary database. When the client statement 525 isreceived by a secondary database system 510, a statement executionprocess executing in processor 550 requests an allocation of memory 540from a memory allocator executing in processor 550. If the allocation isgranted, the statement execution process continues execution inprocessor 550 supported by the allocated portion of the memory 540 and areturn is generated and returned to the client for further handling orprocessing. If the allocation is denied, a return is generated byprocessor 550 including information indicative of the out of memorycondition in the secondary database system 510, and the return is sentto the client for further handling or processing. For example, theclient 515 may initiate fallback processes of the client applicationlibrary and thereby execute the statement in the primary system when thesecondary system returns an out of memory condition.

In embodiments, the HA/DR system 500 is engaged in load balancingoperations. A client in HA/DR system 500 issue a statement by default tothe primary database system 505. Load balancing processes executing onprocessor 545 determine that the statement may be load balanced, andthereby routed to the secondary database 510 for execution. In someembodiments, the client application library informs the client 515 whichstatements can be routed, and the client 515 appends routing informationto statements issued to the primary system 505 to indicate whichstatements may be routed through load balancing operations to asecondary database for execution and under what conditions. A primarysystem 505 receiving a client statement including routing informationwill evaluate whether the statement may be routed based on the routinginformation.

When the primary system determines that the statement may be routed, itresponds to the client informing the client to request the secondarysystem 510 attempt to execute the statement. A statement executionprocess executing in processor 550 will attempt to execute thestatement, and requests an allocation of memory 540 from a memoryallocator executing in processor 550. If the allocation is granted thestatement execution process continues execution in processor 550supported by the allocated portion of the memory 540 and a return isgenerated and returned to the client for further handling or processing.If the allocation is denied, a return is generated by processor 550including information indicative of the out of memory condition in thesecondary database system 510, and the return is sent to the client toinitiate fallback processing. The client informs the primary system ofthe fallback condition and requests that the primary system execute thestatement in the primary system.

In some embodiments, only read statements may be routed by loadbalancing operations. In other embodiments, only certain non-criticalstatements may be routed by load balancing operations. Whether astatement may be routed will depend in part on the needs, demands andpriority or criticality of the client application and the determinationsof the system architect.

In embodiments the DBMS may track or monitor the memory allocated tovarious statements for reporting and visibility purposes. When anallocator allocates memory, the DBMS may independently maintain theamount of memory 540 allocated to each statement or DBMS process inprocessor control 560 executing in processor 550. Alternatively, theDBMS may poll the allocators or a limit object to gather informationabout memory usage for the reporting and visibility purposes.

FIG. 6 illustrates an exemplary report 600 of statement memory usagegenerated by a DBMS process executing in a database system. Report 600includes eight rows 2-9 corresponding to individual statement executionmemory allocation referred to by connection and by statement identifier,for example row 610. Each row reports various elements of informationincluding the currently used memory (INCLUSIVE_SIZE_IN_USE) and thetotal allocated memory for each statement (INCLUSIVE_ALLOCATED_SIZE).Report 600 also includes a single row 620 reporting the aggregatedstatement memory consumption value, including the sum ofINCLUSIVE_SIZE_IN_USE for each reported statement and the sum ofINCLUSIVE_ALLOCATED_SIZE for each reported statement. In embodiments, areport is generated and dumped to a log file each time an out of memorycondition is encountered in response to a request for allocation.

FIG. 7 is a process flow diagram illustrating an arrangement in which,at 710, a secondary database system receives a statement requestingdatabase operations in the secondary database system. The secondarydatabase system is mirroring data stored in the primary database systemas part of a HA/DR system. The secondary database systems is alsosupporting the workload of the primary system by executing statementsrouted to the secondary database system by load balancing processes ofthe HA/DR system. Thereafter, at 720, a process of the secondarydatabase system requests an allocation of memory to support the databaseoperations requested by the statement. The secondary database system, at730, generates an aggregated statement memory consumption valueindicating the total amount of memory used by, or allocated to,processes handling execution of statements in the secondary databasesystem. Based on the aggregated statement memory value, at 740, thesecondary database system evaluates whether the requested allocationwill exceed a total statement execution memory limit. Further, based onthe evaluation, at 750, the secondary database system denies therequested allocation.

FIG. 8 is a process flow diagram illustrating an arrangement in which,at 810, a client within an HA/DR system with load balancing, sends orissues a statement requesting database operations to a primary databasesystem. The client interacts with a primary database system that has anassociated secondary database system mirroring data stored in theprimary database system. Thereafter, at 820, the client receives aresponse from the primary database instructing the client to attempt toexecute the statement in the secondary database. The client, at 830, thesends the statement to the secondary database for execution.Subsequently, at 840, the client receives a response from the secondarydatabase indicating that the attempted execution has failed as a resultof an out of memory condition. Responsive to the response from thesecondary database, at 850, the client requests that the primarydatabase execute the statement.

FIG. 9 is a process flow diagram illustrating an arrangement in which,at 910, a primary database system generates transaction logs containingrecords of database operations executed in the primary database system.The primary database system has an associated secondary database systemmirroring the data stored in the primary database and providing workloadservice as part of a load balancing operation. Thereafter, at 920, theprimary database system sends the transaction logs to the secondarydatabase system for replay in order to mirror the data stored in theprimary database. Concurrently with the generation and sending oftransaction logs, at 930, the primary database routes a statementrequesting database operations to the secondary database system.Thereafter, the primary database system receives, at 940, an out ofmemory condition from the secondary database, and at 950, the primarydatabase system executes the statement.

One or more aspects or features of the subject matter described hereincan be realized in digital electronic circuitry, integrated circuitry,specially designed application specific integrated circuits (ASICs),field programmable gate arrays (FPGAs) computer hardware, firmware,software, and/or combinations thereof. These various aspects or featurescan include implementation in one or more computer programs that areexecutable and/or interpretable on a programmable system including atleast one programmable processor, which can be special or generalpurpose, coupled to receive data and instructions from, and to transmitdata and instructions to, a storage system, at least one input device,and at least one output device. The programmable system or computingsystem may include clients and servers. A client and server aregenerally remote from each other and typically interact through acommunication network. The relationship of client and server arises byvirtue of computer programs running on the respective computers andhaving a client-server relationship to each other.

These computer programs, which can also be referred to as programs,software, software applications, applications, components, or code,include machine instructions for a programmable processor, and can beimplemented in a high-level procedural language, an object-orientedprogramming language, a functional programming language, a logicalprogramming language, and/or in assembly/machine language. As usedherein, the term “machine-readable medium” refers to any computerprogram product, apparatus and/or device, such as for example magneticdiscs, optical disks, memory, and Programmable Logic Devices (PLDs),used to provide machine instructions and/or data to a programmableprocessor, including a machine-readable medium that receives machineinstructions as a machine-readable signal. The term “machine-readablesignal” refers to any signal used to provide machine instructions and/ordata to a programmable processor. The machine-readable medium can storesuch machine instructions non-transitorily, such as for example as woulda non-transient solid-state memory or a magnetic hard drive or anyequivalent storage medium. The machine-readable medium can alternativelyor additionally store such machine instructions in a transient manner,such as for example as would a processor cache or other random accessmemory associated with one or more physical processor cores.

To provide for interaction with a user, the subject matter describedherein may be implemented on a computer having a display device (e.g., aCRT (cathode ray tube) or LCD (liquid crystal display) monitor) fordisplaying information to the user and a keyboard and a pointing device(e.g., a mouse or a trackball) and/or a touch screen by which the usermay provide input to the computer. Other kinds of devices may be used toprovide for interaction with a user as well; for example, feedbackprovided to the user may be any form of sensory feedback (e.g., visualfeedback, auditory feedback, or tactile feedback); and input from theuser may be received in any form, including acoustic, speech, or tactileinput.

In the descriptions above and in the claims, phrases such as “at leastone of” or “one or more of” may occur followed by a conjunctive list ofelements or features. The term “and/or” may also occur in a list of twoor more elements or features. Unless otherwise implicitly or explicitlycontradicted by the context in which it is used, such a phrase isintended to mean any of the listed elements or features individually orany of the recited elements or features in combination with any of theother recited elements or features. For example, the phrases “at leastone of A and B;” “one or more of A and B;” and “A and/or B” are eachintended to mean “A alone, B alone, or A and B together.” A similarinterpretation is also intended for lists including three or more items.For example, the phrases “at least one of A, B, and C;” “one or more ofA, B, and C;” and “A, B, and/or C” are each intended to mean “A alone, Balone, C alone, A and B together, A and C together, B and C together, orA and B and C together.” In addition, use of the term “based on,” aboveand in the claims is intended to mean, “based at least in part on,” suchthat an unrecited feature or element is also permissible.

The subject matter described herein can be embodied in systems,apparatus, methods, and/or articles depending on the desiredconfiguration. The implementations set forth in the foregoingdescription do not represent all implementations consistent with thesubject matter described herein. Instead, they are merely some examplesconsistent with aspects related to the described subject matter.Although a few variations have been described in detail above, othermodifications or additions are possible. In particular, further featuresand/or variations can be provided in addition to those set forth herein.For example, the implementations described above can be directed tovarious combinations and subcombinations of the disclosed featuresand/or combinations and subcombinations of several further featuresdisclosed above. In addition, the logic flows depicted in theaccompanying figures and/or described herein do not necessarily requirethe particular order shown, or sequential order, to achieve desirableresults. Other implementations may be within the scope of the followingclaims.

What is claimed is:
 1. A method for implementation by one or morecomputer processors forming part of at least one computing device, themethod comprising: receiving, by at least one computer processor, afirst statement including requests for database operations in asecondary database system, the secondary database system comprising datareplicated from a primary database system by replaying transaction logscontaining output generated by the primary database system; requesting,by at least one computer processor, responsive to the first statement,an allocation of memory from the secondary database system to supportthe requested database operations; generating, by at least one computerprocessor, an aggregated statement memory consumption value based on theamount of memory consumed by all statements executing in the secondarydatabase system that are not associated with replaying the transactionlogs; determining, by at least one computer processor, that therequested allocation of memory in addition to the aggregated statementmemory consumption value exceeds a total statement execution memorylimit value indicating the total amount of memory that is available forallocation to all database operations associated with statementsexecuted by a secondary database system; and denying, by at least onecomputer processor, responsive to the determination, the requestedallocation of memory.
 2. The method for implementation by one or morecomputer processors of claim 1, further comprising: generating astatement limit object comprising: the total statement execution memorylimit value, and an allocation amount value indicating a minimum amountof memory allocated responsive to a request for memory allocation,wherein determining that the requested allocation of memory in additionto the aggregated statement memory consumption value exceeds the totalstatement execution memory limit value includes: polling the limitobject; summing the aggregated statement memory consumption value with amultiple of the allocation amount value to obtain a result; andevaluating whether the result exceeds the total statement executionmemory limit value.
 3. The method for implementation by one or morecomputer processors of claim 1, wherein the first statement is receivedfrom a client application of the primary database system, wherein theprimary database system is engaged in a load balancing operation withthe secondary database system, the method further comprising: routing,by at least one computer processor, responsive to denying the request,the first statement to the client application with informationindicating that the statement is to be routed to the primary databasesystem.
 4. The method for implementation by one or more computerprocessors of claim 3, further comprising: de-allocating, by at leastone computer processor, memory of the secondary database system from acompleted statement; receiving, by at least one computer processor, asecond statement including a second request for second databaseoperations in the secondary database system; requesting, by at least onecomputer processor, responsive to the request for secondary databasesystem operations, a second allocation of memory; generating, by atleast one computer processor, a second aggregated statement memoryconsumption value based on the amount of memory consumed by allstatements executing at the secondary database system that are notassociated with replaying the transaction logs; determining, by at leastone computer processor, that the requested second allocation of memoryin addition to the second aggregated statement memory consumption valuedoes not exceed a total statement execution memory limit value; andallocating, by at least one computer processor, responsive to thedetermining, memory to a thread for executing the requested seconddatabase operations.
 5. The method for implementation by one or morecomputer processors of claim 4, wherein allocating memory to the threadincludes: passing, by at least one computer processors, a statementmemory limit object to the thread, the statement memory limit objectcomprising: the total statement execution memory limit value, and anallocation value indicating the memory allocated to the thread; themethod further comprising: executing, by at least one computer processorhandling the thread, the second database operations requested by thesecond statement; detecting, by at least one computer processor, thatthe thread requires an increased memory allocation; determining, basedon the limit object, that the increased memory allocation will not causethe aggregated statement memory consumption value to exceed the totalstatement execution memory limit value; and allocating, by at least onecomputer processor, the increased memory allocation; and updating theallocation value of the statement memory limit object by generating anew aggregated statement memory consumption value accounting for theincreased memory allocation and replacing the aggregated statementmemory consumption value with the new aggregated statement memoryconsumption value.
 6. The method for implementation by one or morecomputer processors of claim 5, further comprising; executing, by atleast one computer processor, a plurality of additional threads, whereineach additional thread respectively executes database operationsrequested by a plurality of statements; allocating, by at least onecomputer processor, memory to each of the plurality of additionalthreads by passing each thread a pointer to the statement memory limitobject.
 7. The method for implementation by one or more computerprocessors of claim 6, further comprising generating a databasereplication execution memory limit value indicating the total amount ofmemory allocated to replicating the primary database system in thesecondary database system by replaying transaction logs containingoutput generated by the primary database system.
 8. The method forimplementation by one or more computer processors of claim 7, furthercomprising setting the database replication execution memory limit valueto fifty percent of total system memory at the secondary databasesystem.
 9. The method for implementation by one or more computerprocessors of claim 1, further comprising: detecting, by one or morecomputer processors, that replication of the primary database systembased on the transaction logs of the primary database system requiresadditional memory; generating, by one or more computer processors, a newtotal amount of memory that is available for consumption by the databaseoperations associated with the statements executed in the secondarydatabase system, the generating based on the additional memory requiredby the replication of the secondary database system; and updating, byone or more computer processors, the total statement execution memorylimit parameter with the new total amount of memory that is availablefor consumption by the database operations associated with thestatements executed in the secondary database system.
 10. The method forimplementation by one or more computer processors of claim 9, whereinthe replication of the primary database system based on replaying thetransaction logs containing output generated by the primary databasesystem includes: receiving, by one or more computer processors, databasetransaction log containing output generated by the primary databasesystem while the primary database system previously executed clientrequested database operations; and replicating, by one or more computerprocessors, the client requested database operations in the secondarydatabase system based on the output generated by the primary databasesystem in the database transaction logs.
 11. The method forimplementation by one or more computer processors of claim 10, whereinreplicating the client requested database operations causes replicationstatements to be executed by the secondary database system, thereplication statements being handled by a plurality of threads havingassociated replication memory allocations, and further wherein thestatements not associated with replicating the primary database systembased on the transaction logs of the primary database system exclude thereplication statements.
 12. The method for implementation by one or morecomputer processors of claim 1, further comprising: generating, by atleast one computer processor, a memory allocation report containing anassociation respectively between each statement executing in the primarydatabase system associated with each respective memory allocation, andfurther containing the generated aggregated statement memory consumptionvalue.
 13. A system comprising: at least one data processor; and memorystoring instructions, which when executed by at least one dataprocessor, result in operations comprising: receiving a first statementincluding requests for database operations in a secondary databasesystem, the secondary database system comprising data replicated from aprimary database system by replaying transaction logs containing outputgenerated by the primary database system; requesting responsive to thefirst statement, an allocation of memory from the secondary databasesystem to support the requested database operations; generating anaggregated statement memory consumption value based on the amount ofmemory consumed by all statements executing in the secondary databasesystem that are not associated with replaying the transaction logs;determining that the requested allocation of memory in addition to theaggregated statement memory consumption value exceeds a total statementexecution memory limit value indicating the total amount of memory thatis available for allocation to all database operations associated withstatements executed by a secondary database system; and denyingresponsive to the determination, the requested allocation of memory. 14.The system of claim 13, wherein the operations further comprise:generating a statement limit object comprising: the total statementexecution memory limit value, and an allocation amount value indicatinga minimum amount of memory allocated responsive to a request for memoryallocation, wherein determining that the requested allocation of memoryin addition to the aggregated statement memory consumption value exceedsthe total statement execution memory limit value includes: polling thelimit object; summing the aggregated statement memory consumption valuewith a multiple of the allocation amount value to obtain a result; andevaluating whether the result exceeds the total statement executionmemory limit value.
 15. The system of claim 13, wherein the firststatement is received from a client application of the primary databasesystem, wherein the primary database system is engaged in a loadbalancing operation with the secondary database system, and theoperations further comprise: routing, by at least one computerprocessor, responsive to denying the request, the first statement to theclient application with information indicating that the statement is tobe routed to the primary database system.
 16. The system of claim 13,wherein the operations further comprise: de-allocating, by at least onecomputer processor, memory of the secondary database system from acompleted statement; receiving, by at least one computer processor, asecond statement including a second request for second databaseoperations in the secondary database system; requesting, by at least onecomputer processor, responsive to the request for secondary databasesystem operations, a second allocation of memory; generating, by atleast one computer processor, a second aggregated statement memoryconsumption value based on the amount of memory consumed by allstatements executing at the secondary database system that are notassociated with replaying the transaction logs; determining, by at leastone computer processor, that the requested second allocation of memoryin addition to the second aggregated statement memory consumption valuedoes not exceed a total statement execution memory limit value; andallocating, by at least one computer processor, responsive to thedetermining, memory to a thread for executing the requested seconddatabase operations.
 17. The system of claim 16, wherein allocatingmemory to the thread includes: passing a statement memory limit objectto the thread, the statement memory limit object comprising: the totalstatement execution memory limit value, and an allocation valueindicating the memory allocated to the thread; and the operationsfurther comprise: executing the second database operations requested bythe second statement; detecting that the thread requires an increasedmemory allocation; determining, based on the limit object, that theincreased memory allocation will not cause the aggregated statementmemory consumption value to exceed the total statement execution memorylimit value; allocating the increased memory allocation; and updatingthe allocation value of the statement memory limit object by generatinga new aggregated statement memory consumption value accounting for theincreased memory allocation and replacing the aggregated statementmemory consumption value with the new aggregated statement memoryconsumption value.
 18. The system of claim 17, wherein the operationsfurther comprise: executing a plurality of additional threads, whereineach additional thread respectively executes database operationsrequested by a plurality of statements; allocating memory to each of theplurality of additional threads by passing each thread a pointer to thestatement memory limit object; generating a database replicationexecution memory limit value indicating the total amount of memoryallocated to replicating the primary database system in the secondarydatabase system by replaying transaction logs containing outputgenerated by the primary database system; and wherein the operationsfurther comprise: setting the database replication execution memorylimit value to fifty percent of total system memory at the secondarydatabase system.
 19. The system of claim 13, wherein the operationsfurther comprise: detecting that replication of the primary databasesystem based on the transaction logs of the primary database systemrequires additional memory; generating a new total amount of memory thatis available for consumption by the database operations associated withthe statements executed in the secondary database system, the generatingbased on the additional memory required by the replication of thesecondary database system; updating the total statement execution memorylimit parameter with the new total amount of memory that is availablefor consumption by the database operations associated with thestatements executed in the secondary database system, wherein thereplication of the primary database system based on replaying thetransaction logs containing output generated by the primary databasesystem includes: receiving database transaction log containing outputgenerated by the primary database system while the primary databasesystem previously executed client requested database operations; andreplicating the client requested database operations in the secondarydatabase system based on the output generated by the primary databasesystem in the database transaction logs, wherein replicating the clientrequested database operations causes replication statements to beexecuted by the secondary database system, the replication statementsbeing handled by a plurality of threads having associated replicationmemory allocations, and further wherein the statements not associatedwith replicating the primary database system based on the transactionlogs of the primary database system exclude the replication statements.20. A non-transitory computer program product storing instructionswhich, when executed by at least one data processor forming part of atleast one computing device, result in operations comprising: receiving afirst statement including requests for database operations in asecondary database system, the secondary database system comprising datareplicated from a primary database system by replaying transaction logscontaining output generated by the primary database system; requestingresponsive to the first statement, an allocation of memory from thesecondary database system to support the requested database operations;generating an aggregated statement memory consumption value based on theamount of memory consumed by all statements executing in the secondarydatabase system that are not associated with replaying the transactionlogs; determining that the requested allocation of memory in addition tothe aggregated statement memory consumption value exceeds a totalstatement execution memory limit value indicating the total amount ofmemory that is available for allocation to all database operationsassociated with statements executed by a secondary database system; anddenying responsive to the determination, the requested allocation ofmemory.